5f4393541f5d17757cc2abf6757e9009_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f4393541f5d17757cc2abf6757e9009_JaffaCakes118
Size

388KB
MD5

5f4393541f5d17757cc2abf6757e9009
SHA1

7826d3ac5fc3854651ae399ff11f0c0c4546badf
SHA256

a32d006ea5d97744ce8448b4b55132eca8abb8f2f23e5a17d8f0d861f2da92db
SHA512

4fd4ed26dbe3bda2723d4cb0306a5d1c16e164dd5a2c35866590aa14e06ea2b69cd5a018ebf37ef76632de37438e51c0f69ec8473974f98f645772a72122325c
SSDEEP

6144:PD6yoda6n21iuKHRXI3T1P4tpkf+tyliQTBJun0cgVT9B9NN9:b6QERY3TxWkSyUQTrggLnNN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f4393541f5d17757cc2abf6757e9009_JaffaCakes118

Files

5f4393541f5d17757cc2abf6757e9009_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

aadf5c8667fe05f652d8f2e502e2b9d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ